Stopping a Windows Server service if you cannot do so from the GUI

Occasionally you need to force stop a Windows service.  In order to do it follow these steps.
 
Open the command prompt by going to the start menu and typing CMD.  Don’t just click on it but shift+right click on it to run as administrator.  Once that is complete type in the following command
sc queryex MyService
Where you replace MyService with the name of the service you’re trying to kill.
You will see a bunch of lines.  You’re looking for one that looks like this.
PID                : 3028
Once you have the PID you need to run this command
taskkill /F /PID 3028
 

Gettign rid of certificate warning errors for Outlook in Exchange 2007 2010

You may see an Outlook error “The name of the security certificate is invalid or does not match the name of the site.” if you order a UCC cert.  This is because you cannot add your internal server names to the certificate.  Therefore, it is necessary to change where Outlook clients connect.
 
Set-ClientAccessServer –Identity cas –AutodiscoverServiceInternalUri https://mail.myCAS.com/autodiscover/autodiscover.xml
Set-WebServicesVirtualDirectory –Identity “EWS (Default Web Site)” –InternalUrl https://mail.myCAS.com/ews/exchange.asmx
Set-OABVirtualDirectory –Identity “oab (Default Web Site)” –InternalUrl https://mail.myCAS.com/oab
If you are utilizing the Unified Messaging Service (UMS), you will also need to input the following:
Set-UMVirtualDirectory –Identity “unifiedmessaging (Default Web Site)” –InternalUrl https://mail.myCAS.com/unifiedmessaging/service.asmx

How to see who has been logging in to your Gmail account

If you are concerned someone has been logging in to your Gmail to read your emails or send spam it is easy to check and see.
The first thing you need to do is open your web browser to https://security.google.com/
From here just click on recent events or – https://security.google.com/settings/security/activity
This gives you an idea geographically of where your account has been accessed from.  If you see anything suspicious change your password or enable two step authentication!  Two step authentication is a great feature in which you cannot access your Gmail without having your cell phone.  Once you add it to your account if you ever try to login from an unknown place Gmail forces you to input a special code sent to you via text message.

How to get the computer name on Windows 7 or 8 without logging in

You will notice with Windows 7 and 8 you no longer get the computer name drop down.  However, you can still find the computer name by simply typing in . for the username and hitting tab.  The computer name will be displayed under the password field.

Configuring mutual CHAP authentication between Lenovo IX2 and Windows Server 2008r2

Setting up mutual CHAP authentication between Windows Server and a Lenovo IX2 is pretty easy and straightforward.
First you simply login to your IX2 and enable CHAP.  Go through the steps outlined below.
iscsi ix2
 
One this is complete open the iSCSI initiator in Windows.  You will want to now configure the CHAP authentication as outlined.
chap
 
One that is complete you must run discovery.  Those steps are here.
discovery
Now that you have ran discovery the last step is to connect the drive.
connect
 

How to install a Godaddy SSL certificate on a Cisco ASA firewall

The first step in getting an SSL certificate for your Cisco ASA is to generate a CSR request.
1.  Open ASDM > Configuration > Device Management
2.  Certificate Management > Identity Certificates > Add
3.  Add a New Identity Certificate > New
4.  Click the “Enter new key pair name” radio button.  Enter your FQDN of your firewall (VPN.MyDomain.com)
5.  Change the size to 2048
6.  Click generate now.
7.  On the next screen choose the following attributes and fill in the values then click add.
CN = FQDN of your domain (vpn.MyDomain.com)
OU = Department of your business responsible (IT)
O = Legal name of organization
C = Country abbreviation (US)
ST = State abbreviation (AZ)
L = City (Scottsdale)
8.  Click ok once these are all added
9.  Click advanced
10.  In the FQDN type again your FQDN (Vpn.MyDomain.com)
11.  Click Ok and Add Certificate.
12.  You will be prompted to save this certificate to your PC which you should do.
13.  Login to your Godaddy account and copy and paste all the text from the CSR.
14.  Once you submit your CSR you can download the certificate to your PC in .crt format.
15.  Go back to the ASDM Certificate Management > Identity Certificates.  Select your previously generated CSR and click the install button.  Browse to the .crt file you were provided with from Godaddy.
16.  Now that you have installed the certificate you must tell the ASA to use it for SSL.  To do this in the Device Management on the ASA browse to advanced > SSL settings.
17.  Select the interface for your VPN clients and click edit.  Now select your new certificate
 
Congrats you should now be able to brose to your external web interface and see it is a trusted site!
 
 
 
 
 

Cisco ASDM will not launch with version 7.x

If you have the latest version of Java 7 and you’re using ASDM 7.x it will not work.  You must uninstall Java and downgrade to version 6!  Found here – http://www.oldapps.com/java.php

Users cannot manage distribution groups that they are owners of in Exchange 2013

If you have recently ran across an issue where users are unable to manage a distribution group in Outlook or Exchange even though you have made them owners of this group it is by design.  By default users in Exchange 2013 are assigned to the “Default Role Assignment Policy”.  This role does not have the permissions to edit group ownership even if they are owner’s of the distribution group.  In order to fix this you must login to the ECP by going to https://servername/ecp  Once here go into the permissions on the left hand side.
distribution groups i own
Click on admin roles in my instance I just assigned my user Recipient Management rights since they are an administrator level employee.  This resolves the issue.
permissions
If all of the following hold true then you can also just download and run this Powershell script.

  • I want my users to be able to manage distribution groups they own.
  • I don’t want them to be able to create distribution groups.
  • I don’t want them to be able to remove distribution groups even if they do own them.

# Script for creating a Role that can manage distributions groups but can’t create new ones
#
#################################################################################
#
# The sample scripts are not supported under any Microsoft standard support
# program or service. The sample scripts are provided AS IS without warranty
# of any kind. Microsoft further disclaims all implied warranties including, without
# limitation, any implied warranties of merchantability or of fitness for a particular
# purpose. The entire risk arising out of the use or performance of the sample scripts
# and documentation remains with you. In no event shall Microsoft, its authors, or
# anyone else involved in the creation, production, or delivery of the scripts be liable
# for any damages whatsoever (including, without limitation, damages for loss of business
# profits, business interruption, loss of business information, or other pecuniary loss)
# arising out of the use of or inability to use the sample scripts or documentation,
# even if Microsoft has been advised of the possibility of such damages
#
#################################################################################
#
# Written by Matthew Byrd
# Matbyrd@microsoft.com
# Last Updated 10.15.09

# Parameter to get a different name than default for the new Role
Param([string]$name=”MyDistributionGroupsManagement”,[string]$policy=”Default Role Assignment Policy”,[switch]$creategroup,[switch]$removegroup)
# Help Function
Function Show-Help {

This script is will create or manage a management role designed to allow users to modify groups that they already own
but not create or remove any new distribution groups.
Switches:
-name           Name of the managment role you want to create or modify
Defaults to: `”MyDistributionGroupsManagmenet`”
-policy         Name of the Role Policy you want to assign the role to
Defaults to: `”Default Role Assignement Policy`”
-creategroup    Adds or Removes the ability of the Role to Create DLs
-removegroup    Adds or Removes the ability of the Role to Remove DLs
Examples:
——————————————–
This will Use the default names and Policy and will create a role that cannot
Create or remove groups but can still modify them.  If the role already exists
It will modify it by removing or adding the abiltity to create and remove groups
based on the current state.
Manage-GroupManagementRole -CreateGroup -RemoveGroup

}
# Function to modify a role by removing or adding Role Entries
# If no action is passed we assume remove
# $roleentry should be in the form RoleRoleentry e.g. MyRoleNew-DistributionGroup
Function ModifyRole {
Param($roleenty,$action)
Switch ($action){
Add {Add-ManagementRoleEntry $roleenty -confirm:$false}
Remove {Remove-ManagementRoleEntry $roleenty -confirm:$false}
Default {Remove-ManagementRoleEntry $roleenty -confirm:$false}
}
}
If (($creategroup -eq $false) -and ($removegroup -eq $false)){
Show-Help
exit
}
# Test if we have a role that already has that name
If (([bool](Get-Managementrole $name -erroraction Silentlycontinue)) -eq $true){
Write-Warning “Found a Role with Name: $name”
Write-Warning “Trying to Modify Existing Role”
}
Else {
# Create the new Management Role
Write-Host “Creating Managmenet Role $name”
New-ManagementRole -name $name -parent MyDistributionGroups
}
# Determine if we have the New and Remove Role Entries on the Role Already
$create = [bool](Get-managementroleentry $nameNew-DistributionGroup -erroraction Silentlycontinue)
$remove = [bool](Get-managementroleentry $nameRemove-DistributionGroup -erroraction Silentlycontinue)
# If we have the switch CreateGroup add or remove the RoleEntry for New-DistributionGroup
If ($creategroup -eq $true){
If ($create -eq $true){ModifyRole $nameNew-DistributionGroup Remove;Write-Host “Removing ability to create distribution Groups from $name”}
elseif ($create -eq $false) {ModifyRole $nameNew-DistributionGroup Add;Write-Host “Adding ability to create distribution Groups to $name”}
}
# If we have the switch RemoveGroup add or remove the RoleEntry for New-DistributionGroup
If ($removegroup -eq $true){
If ($remove -eq $true){ModifyRole $nameRemove-DistributionGroup Remove;Write-Host “Removing ability to create distribution Groups from $name”}
elseif ($remove -eq $false) {ModifyRole $nameRemove-DistributionGroup Add;Write-Host “Adding ability to create distribution Groups to $name”}
}
# Test if we have the assignment for the Role and Policy
# If we do … write a warning
# If not create a new assignment
If (([bool](get-managementroleassignment $name-$policy -erroraction SilentlyContinue)) -eq $true){
Write-Warning “Found Existing Role Assignment: $name-$policy”
Write-Warning “Making no modifications to Role Assignments”
}
Else {
# Assign the Role to the Role Policy
Write-Host “Creating Managmenet Role Assignment $name-$policy”
New-ManagementRoleAssignment -name ($name + “-” + $policy) -role $name -policy $policy
}
 

Can't edit virtual machines once you upgrade to VMware 5.5 ESX and a virtual machine version 10

If you recently upgraded to VMware 5.5 you will notice this warning if you try to edit your virtual machines.
error
“You cannot use the vSphere Client to edit the settings of virtual machines of version 10 or higher.  Use the vSphere Web Client to edit the settings of this virtual machine.”
Unfortunately the vSphere Web Client is not free.  So while you could download this you would be running in trial mode.  The simplest fix for this issues is to follow the following steps.

  1. Power down your VM.
  2. Right click on your VM and “remove from inventory”.
  3. Browse to the datastore and download the VMX file associated with the machine.
  4. Open notepad and edit the VMX file.  Look for virtualHW.version = “10″
  5. Edit the 10 and simply change it to a 9.  Save the file
  6. Upload it back to your VMware server.
  7. Browse to your datastore and click on “Add VM to inventory”.
  8. Power your system back on.

 
 

When connecting Cisco ipsec VPN client through 3G or 4G card you are unable to ping your remote network

If you are experiencing this issue it is a simple fix.  You just need to download this DNE fix.
 
http://www.citrix.com/go/lp/dne.html